systems and methods according to the present invention provide a more secure Automated Teller machine (ATM) transaction by preventing observation of banking customers' Personal Identification Number (PIN). Such systems and methods make it difficult to obtain a customer's PIN by tracking the hand movement of a customer using an ATM. inputs presented for a customer selection are preferably dynamically displayed in different locations preferably each time the customer is asked to enter a PIN. Dynamically changing the sequence of the display and/or location of the presented inputs reduces the possibility of mapping the hand movement of the customer to the positions of the inputs displayed for a customer selection. inputs may also be presented at a very narrow viewing angle, thereby making observation of a PIN difficult. Hence, banking customers are preferably provided with a more robust and secured ATM transaction system.

Patent
   9196111
Priority
Jan 04 2011
Filed
Jan 04 2011
Issued
Nov 24 2015
Expiry
May 11 2033

TERM.DISCL.
Extension
858 days
Assg.orig
Entity
Large
16
45
currently ok
1. A system for providing a more secure entry of a confidential access sequence comprising:
a keypad configured to display numerical inputs one through nine available for a user selection and to accept a user selection;
a machine readable memory configured to store machine executable instructions for displaying in pre-determined, temporary, non-sequential positions the numerical inputs one through nine available for a user selection; and
a processor device configured to execute the machine executable instructions for displaying in pre-determined, temporary, non-sequential positions the inputs available for a user selection and communicate the pre-determined, temporary, non-sequential positions of the inputs to the keypad;
the processor device further configured to display the inputs available for user selection as a display of numerical inputs one through nine sequentially in three rows of three keys starting with the number one in the top left corner when a first portion of a user's confidential access sequence has been entered correctly;
the keypad further comprising a plurality of buttons with transparent surfaces; and
a plurality of screens visible through the transparent surfaces of the multiple buttons, wherein each button has an individual screen visible through the button's transparent surface.
8. A method for providing a more secure entry of a confidential access sequence comprising:
for a first user, displaying on a keypad numerical inputs one through nine available for a user selection in a first pre-determined, temporary, non-sequential layout;
displaying the inputs available for selection by said first user as a display of numerical inputs one through nine sequentially in three rows of three keys starting with the number one in the top left corner when a first portion of said first user's confidential access sequence has been entered correctly;
for a second user, displaying on a keypad numerical inputs one through nine available for a user selection in a second pre-determined, temporary, non-sequential layout;
displaying the inputs available for selection by said second user as a display of numerical inputs one through nine sequentially in three rows of three keys starting with the number one in the top left corner when a first portion of said second user's confidential access sequence has been entered correctly;
Wherein said first layout and said second layout are different;
the keypad further comprising a plurality of buttons with transparent surfaces; and
a plurality of screens visible through the transparent surfaces of the multiple buttons, wherein each button has an individual screen visible through the button's transparent surface.
7. A method for providing a more secure entry of a confidential access sequence comprising:
for a first user, displaying on a keypad, numerical inputs one through nine available for a user selection in a set of first pre-determined, temporary, non-sequential positions;
displaying the inputs available for selection by said first user as a display of numerical inputs one through nine sequentially in three rows of three keys starting with the number one in the top left corner when a first portion of said first user's confidential access sequence has been entered correctly;
for a second user, displaying on a keypad said numerical inputs one through nine available for a user selection in a set of second pre-determined, temporary, non-sequential positions;
displaying the inputs available for selection by said second user as a display of numerical inputs one through nine sequentially in three rows of three keys starting with the number one in the top left corner when a first portion of said second user's confidential access sequence has been entered correctly;
wherein said set of first positions and said set of second positions are different;
the keypad further comprised of a plurality of buttons with transparent surfaces; and
a plurality of screens visible through the transparent surfaces of the multiple buttons, wherein each button has an individual screen visible through the button's transparent surface.
2. The system of claim 1 wherein each screen included in the plurality of screens is configured to display at least one input available for a user selection.
3. The system of claim 1 wherein the keypad comprises:
multiple buttons, each button having a transparent surface; and
a screen visible through the transparent surface of each of the multiple buttons.
4. The system of claim 3 wherein each screen is configured to display at least one input available for a user selection.
5. The system of claim 4 wherein the machine executable instructions further comprise instructions for displaying in pre-determined, temporary positions the inputs available for a user selection based on randomizing the displayed positions of the inputs available for a user selection.
6. The system of claim 3 wherein the screen visible through the transparent surface of each of the multiple buttons comprises a screen with a narrow viewing angle.
9. The method of claim 8 wherein the first layout comprises displaying in pre-determined, temporary positions the inputs available for a user selection.
10. The method of claim 9 further comprising displaying on a screen visible through a transparent surface of each of the buttons of the keypad the pre-determined, temporary positions of the inputs available for a user selection.
11. The method of claim 9 comprising determining the pre-determined, temporary positions based on randomizing the positions of displayed inputs.
12. The method of claim 11 wherein only the positions of inputs part of a user's confidential access sequence are randomized.
13. The method of claim 11 wherein only the positions of numerical inputs are randomized.
14. The method of claim 8 further comprising displaying in pre-determined, temporary positions the inputs available for a user selection based on randomizing the displayed positions of the inputs available for a user selection after each user selection until a valid confidential access sequence has been entered.
15. The method of claim 8 further comprising presenting to a user an option of displaying a conventional layout of the inputs available for a user selection;
Wherein the conventional layout comprises displaying at least one of:
a display of numerical inputs one through nine sequentially in three rows of three keys starting with the number one in the bottom left corner; and
a display of alphabetic inputs in a QWERTY layout.
16. The method of claim 8 further comprising displaying the inputs available for a user selection in a conventional layout after a defined number of invalid entries of a confidential access sequence;
wherein the conventional layout comprises displaying at least one of:
a display of numerical inputs one through nine sequentially in three rows of three keys starting with the number one in the bottom left corner; and
a display of alphabetic inputs in a QWERTY layout.
17. The method of claim 16 wherein the defined number of invalid entries is system defined.
18. The method of claim 16 wherein the defined number of invalid entries is user defined.
19. The method of claim 16 wherein the defined number of invalid entries is based on a randomized selection of a number selected from a set of numbers less than a system defined maximum.
20. The method of claim 8 further comprising displaying inputs available for a user selection in a conventional layout following the entry of a valid confidential access sequence;
wherein the conventional layout comprises displaying at least one of:
a display of numerical inputs one through nine sequentially in three rows of three keys starting with the number one in the bottom left corner; and
a display of alphabetic inputs in a QWERTY layout.
21. The method of claim 8 wherein the first layout comprises displaying functional inputs available for a user selection in pre-determined, temporary positions.
22. The method of claim 21 further comprising determining the pre-determined, temporary positions based on randomizing the positions of the displayed inputs.
23. The method of claim 8 further comprising displaying the inputs available for a user selection at a narrow viewing angle.

Aspects of the invention relate to preventing unauthorized capture of a users confidential Automated Teller Machine (“ATM”) access sequence.

ATMs provide banking customers the ability to access bank account information, deposit funds and withdraw funds. ATMs may often obviate the need for a banking customer to consult a human clerk. Additionally, ATMs may be located in a variety of diverse locations remote from banking centers. For example, ATMs may be placed on street corners, in convenience stores, supermarkets or sports arenas. The wide variety of possible locations for an ATM provides banking customers with access to cash and banking account information at convenient public locations.

To prevent the risk of fraudulent access to a customer's banking account information a typical ATM requires a customer to insert a plastic card containing a magnetic stripe or chip. The card is typically issued by the customer's bank and/or other financial institution (collectively hereinafter, “bank”). The magnetic stripe or chip may store data including a unique card number and security information.

In addition to requiring a customer to insert a card, ATMs provide an additional level of protection. Following the receipt of the bank card information, an ATM will prompt the customer to input a personal identification number (PIN). Only if the PIN entered is properly associated with the card inserted by the banking customer will the ATM allow access to cash and bank account information.

However, the wide variety of locations associated with ATMs and lack of close human supervision at the ATM increases the risk of unauthorized access to a customer's bank account information. For example, a thief may utilize a skimming device placed on or in an ATM that reads data encrypted on a banking card's magnetic stripe. The skimmer may be placed over a card slot reader of an ATM and may read the magnetic stripe as the card is inserted into the slot.

A customer may not notice that a skimmer has been placed on or in an ATM because the skimmer may not impede legitimate access to the customer's bank account information. Thus, the skimmer may obtain information encoded on a bank card's magnetic stripe in a manner transparent to the customer. Additionally, the skimmer may wirelessly transmit obtained customer information thus obviating the need for the thief to physically access the skimmer.

A skimmer may also include a hidden camera that may capture a customer's PIN. A hidden camera may also be placed in a different location than a skimmer. The camera may track the hand movements of a banking customer as the customer inputs a PIN. The sequence of different inputs available for selection and their positions are conventionally fixed and uniform for ATM input devices. For example, numeric inputs are displayed in three rows of three inputs and a fourth row having a single input. In a numeric display the number “1” usually appears in the left top corner, the number “3” usually appears in the top right corner and “0” usually appears in the fourth row.

The fixed sequence and positions of the numeric buttons allows an unscrupulous observer to map the movement of the customer's fingers to the numbers entered by the ATM customer. The mapping therefore exposes the customer's PIN. Together with information obtained by a skimmer, an unscrupulous observer may possess the confidential information needed to access a banking customer's cash and bank account information.

Alternatively, an unscrupulous observer may affix a thin keypad overlay to an ATM's keypad. The keypad overlay may contain circuitry that records the buttons pressed by a banking customer. The recorded information may include a PIN entered by the customer.

Additionally, a recording of buttons pressed, or a recording of a customer's hand movements may contain a date and time stamp. The date and time stamp would allow an observer to correlate information gleaned from a skimmer with inputs selected by a customer at the time a specific bank card was inserted. The correlation associates a customer's confidential bank card information to his or her PIN information.

Skimmer devices, keypad overlays and hidden cameras are becoming increasingly common and increasingly difficult to detect. Only a pinhole sized camera is needed to record PIN information. The miniscule footprint of hidden cameras allows the cameras to be skillfully hidden and hard to identify. A keypad overlay or skimmer may look and feel like a legitimate part of the ATM operating in a manner transparent to a customer.

According to the European ATM Security Team (EAST), a not-for-profit payment security organization, ATM crimes in Europe have increased 149 percent between 2007 and 2008. Most of the increase has been linked to ATM skimming attacks. During 2008, a total of 10,302 skimming incidents were reported in Europe. In the United States, between April and May of 2010 one bank estimated its losses due to compromised PIN numbers to be over 200,000 USD.

Therefore, it would be valuable to provide more secure systems and methods of conducting ATM transactions. More secure systems and methods for conducting ATM transactions would help reduce the losses of a banking center and help reduce customer inconvenience due to compromised bank account information. Furthermore, a more secure ATM transaction would give banking customers additional confidence that they are less likely to be victims of identity and/or monetary theft.

Accordingly, it would be desirable to provide systems and methods which reduce exposure of banking customers' confidential PIN and bank account information.

It is an object of this invention to provide systems and methods which reduce exposure of banking customers' confidential PIN and bank account information.

The objects and advantages of the invention will be apparent upon consideration of the following detailed description, taken in conjunction with the accompanying drawings, in which like reference characters refer to like parts throughout, and in which:

FIG. 1 shows an illustrative flow diagram of steps and options for providing a more secure ATM transaction;

FIG. 2 shows a schematic diagram of a general purpose digital computing environment in which one or more aspects of the present invention may be implemented;

FIG. 3 shows a diagram of a conventional numeric layout;

FIG. 4 shows a banking customer inputting information into an ATM using a keypad;

FIG. 5 shows a banking customer inputting information into an ATM using a touch screen;

FIG. 6 shows a diagram of a dynamic display of numeric inputs;

FIG. 7 shows a dynamic display of numeric and functional inputs;

FIG. 8 shows a dynamic display of keys presented in a non-conventional pattern;

FIG. 9 shows a dynamic display based on shifting off-center with respect to the overall display the position of the displayed inputs; and

FIG. 10 shows a dynamic key.

Systems and methods for providing a more secure ATM transaction are provided. Systems and methods of practicing the current invention may increase the difficulty of obtaining a user's confidential information while the user is conducting an ATM transaction.

A standard ATM includes a screen and displayed keys that may be selected by a user. The displayed keys provide users with a choice of inputs for conducting an ATM transaction. The displayed keys therefore facilitate transactions including cash withdrawals, checking account balances, and making credit card payments. For example, a display of numeric keys allows a user to enter a withdrawal amount, a transfer amount or enter a numeric PIN.

Some ATMs utilize touch screens to display keys available for user selection. A user taps or touches the screen above the displayed key to input a number, letter, or to make any other selection. Some ATMs utilize mechanical keypads to display keys available for user selection. A user may select a displayed key by applying pressure or achieving contact with the desired key.

In conventional numeric layouts, numbers are placed in fixed positions. For example, numbers are displayed in three rows of three inputs and a fourth row having a single input. The number “1” usually appears in the top left corner, and the number “9” usually appears in the bottom right corner. “0” usually appears in the fourth row.

An ATM may also present a user with an alphabetic layout. The standard alphabetic layout is known as a QWERTY layout. The QWERTY layout is named for the first six letters displayed in the top left corner of the alphabetic layout.

Displaying the keys in consistent, conventional locations allows an unscrupulous observer to map the hand movement of a user to the inputs selected. If the displayed keys represent numbers to be selected by a user while entering a PIN, an unscrupulous observer may easily deduce the user's PIN.

To increase the difficulty of mapping a user's selections to the numbers or letters entered, systems and methods according to the current invention provide, at least in part, a dynamic rendering of the keys displayed for user selection. As opposed to conventional numeric, alphabetic or alphanumeric layouts, in which the location of numeric and letter keys are fixed and standard, certain embodiments of the current invention dynamically alter the layout and presentation of the displayed keys.

The dynamic display may include presenting numeric keys in a different sequence or format each time the system or an ATM asks a user to enter a PIN or confidential access sequence. For example, after a user inserts a bank card, the user may be presented with a randomized sequence of numeric keys. As illustrated in FIG. 6 (described in more detail below) the number “1” is now in the second row from the top, the number “9” is in the fourth row and “0” appears in the third row.

A dynamic display that randomizes the conventional numerical layout increases the difficulty of mapping a user's hand movement to conventional, predefined locations. If a camera had recorded a user's hand movements, an unscrupulous observer would not be certain which numbers were selected. Thus, the likelihood of a user's numeric PIN being compromised would be reduced.

For touch screen ATMs, the position of the displayed keys may be shifted to any position within the display area of the ATM screen. Shifting the position of displayed keys with respect to the overall display may allow a user to enter a PIN outside the view of a human observer or hidden camera.

For example, a hidden camera may have only been positioned to record a user's hand movements at a single location, such as at the center of an ATM screen. Shifting the location of the displayed keys off-center may place a user's hand movements outside the view of the camera. Positioning a camera with a wider angular view may require a larger lens or aperture, causing the camera to be more visible to ordinary observers.

In some embodiments the touch screen of an ATM may offer a narrow viewing angle. A narrow viewing angle reduces the possibility that a camera or observer may view the specific input represented by a particular key. Embodiments of displays with a narrow viewing angle are described more fully in U.S. patent application Ser. No. 12/825,522, filed on Jun. 29, 2010 which is hereby incorporated herein in its entirety.

Some ATMs may use mechanical keypads for presenting inputs available for user selection. For ATMs with mechanical keypads, some embodiments may involve physically modifying the individual buttons or keys of the ATM keypad. In some embodiments the buttons of a conventional keypad would be replaced with transparent buttons. Each transparent button would have its own display visible through the transparent surface of the buttons. Thus, the static display of each conventional key is preferably removed and replaced with new dynamic keys.

A dynamic key may display a number or letter in a different position than a conventional layout. For example, because each dynamic key has its own display visible through a transparent surface, instead of a number “1” being presented in the top left position, the top left position may display the number “5.”

Further, a dynamic presentation of a numeric keypad preferably reduces the likelihood of an unscrupulous observer ascertaining a user's numeric PIN. Because of the dynamic presentation of inputs an observer may be unable to map hand movements of a user to an input conventionally associated with a specific location on a keypad.

Moreover, a dynamic presentation of keys may reduce the effectiveness of keypad overlays. A keypad overlay may not be able to ascertain which displayed inputs are associated with a particular key. The dynamic representation of keys preferably undermines a critical assumption of keypad overlays—that the fixed positions of keys on the keypad represent fixed inputs.

In some embodiments, the display of a dynamic key may be offset to a predetermined depth from the transparent key surface. The offset would create a tunnel between the transparent surface of the dynamic key and the display. The side walls between the display and key surface would form the tunnel side walls. The tunnel side walls would prevent viewing of the displayed keys from a side or particular angular views. Only a planar view substantially parallel to the key surface would allow the dynamic key display to be viewed. Restricting the viewing angle of the displayed keys provides an added level of security in preventing unauthorized viewing of the displayed dynamic keys.

In some embodiments, the dynamic keys may include utilizing a display with a narrow viewing angle. Embodiments of displays with narrow viewing angles are described more fully in U.S. patent application Ser. No. 12/825,522, filed on Jun. 29, 2010 which has been incorporated herein in its entirety.

ATMs may also display functional keys. For example, a keypad may contain an “enter” key for finalizing a selection or a touch screen may display a “clear” button to delete the last selected input. In some embodiments, all keys presented for user selection, including functional keys, may be dynamically displayed. Additionally, all keys may be dynamically displayed whether an embodiment utilizes a touch screen or a dynamic keypad for receiving user input.

For example, instead of a number “1” being displayed in the conventional top left corner, the “enter” key may be displayed in the top left position. A number “5” may be displayed in the position previously occupied by the “enter” key.

In some embodiments, not all keys may be dynamically displayed. For example, some embodiments may only dynamically display the top two rows of numbers. The numbers not conventionally included in the top two rows may be displayed in their conventional positions. In some embodiments the lower two rows may be dynamically displayed, with the remaining numbers displayed in the conventional positions.

In some embodiments, a dynamic display may change the position of all numbers in a single row or single column. For example, the numbers “1, 2, 3” which appear in the top row of a conventional numeric layout may be dynamically displayed as “3, 1, 2.” The numbers “3, 6, 9” which appear in the last column of a conventional numeric layout may be dynamically displayed as “9, 6, 3.” Each row or column may be randomized individually, retaining the digits conventionally part of the row or column. Similarly, keys may be dynamically displayed based on the position of a key on a diagonal line. In some embodiments, individual keys may be selected for dynamic display, with non-selected keys remaining in their conventional positions.

In some embodiments, the shape or pattern formed by a display of the inputs may be dynamically altered. For example, instead of displaying inputs in a conventional rectangular shape, inputs may be dynamically displayed in a diamond or oval shape.

In some embodiments, the inputs that form a particular shape may be presented in sequential order. For example, if numerical inputs are displayed in an oval shape, the number “1” may be displayed on the top of the oval followed by the number “2” and then the numbers “3,” “4,” “6,” “7,” “8,” “9,” and “0”. The number “0” would close the oval, and be followed by the number “1.” In some embodiments, the order of the inputs and the pattern of the inputs may both be dynamically displayed.

The current system and methods of a more secure ATM transaction contemplate that a dynamic display of keys may be defined by a user or system defined.

In some embodiments, inputs presented for user selection may be dynamically displayed after each input selected by a user. For example, after inserting a bank card a user may be initially presented with a randomized layout. Following the receipt of a first digit of a numeric PIN, the dynamic display may present a re-randomized display or another pattern of presented inputs.

In some embodiments, the number of times inputs presented may be dynamically displayed following a user selection of an input may itself be dynamic. For example, in entering a four digit PIN, a user may experience one to four dynamic displays. In some embodiments, the number of dynamic displays may be randomized. In some embodiments the number of dynamic displays may be user defined or system defined.

In some embodiments, if a user enters an incorrect PIN, inputs presented may be dynamically displayed again. In some embodiments following a defined number of incorrect attempts to enter a PIN, the conventional layout may be presented. The defined number of attempts before a conventional layout is presented may be system defined or user defined.

For example, a user may prefer that after four incorrect attempts to enter a PIN, the display presents a conventional layout. In some embodiments, the user may be presented with an option to display a conventional layout. In some embodiments, the option to display a conventional layout may be executed any time during an ATM transaction. In some embodiments, the user may only be presented with a choice to display a conventional layout after at least one failed attempt to enter a correct PIN.

In some embodiments, the system may randomly choose a predefined number of incorrect attempts to enter a PIN before displaying a conventional layout. For example, the system may randomly choose from between one and three incorrect attempts before presenting a conventional layout. In some embodiments, the system may display a conventional layout following a predefined number of incorrect attempts.

In some embodiments, a user may define the dynamic display that may be presented following insertion of a bank card. For example, some users may prefer a hollow rectangular shape, with the number “1” in the top left corner of the rectangle, the number “3” in the top right corner, the number “6” in the bottom right corner, the number “8” in the bottom left corner, and the number “0” just below the number “1.”

As a further example, a user may prefer to only randomize a diagonal row or vertical column of inputs. All other inputs not conventionally part of the designated column or row may still be presented in the conventional locations. Some users may prefer to only dynamically display the inputs that are part of their PIN, and display inputs not part of their PIN in the conventional locations.

For example, if a users PIN is 1234, then the user may choose to randomize the numbers 1234. All other numbers may appear in their conventional locations. Any other combination of keys may be chosen, such as a birthday or anniversary. Keys not selected by the user may be displayed in their conventional positions. Examples of a birthday or anniversary may include randomizing the numbers 0128, representing Jan 28 or 032914 representing Mar. 29, 2014.

In some embodiments, the identical dynamic display may be presented until a correct PIN is entered. In some embodiments, the user may choose, after a number of incorrect attempts to be presented with a new dynamic display. In some embodiments, the system may define the number of incorrect attempts before presenting a new dynamic display.

In some embodiments, users may be offered the option of opting-out of being presented with a dynamic display. In some embodiments a user may be offered the option of opting-in to be presented with a dynamic display. In some embodiments, a user may be presented with a message reminding the user that the display is dynamically presented.

In some embodiments, after a user has entered a correct PIN, the dynamic display may return to a conventional layout. Users may be more comfortable entering non-confidential data using a conventional layout. In some embodiments, a conventional layout may not be presented even if a PIN is requested, if the user has not inserted a bank card immediately prior to the PIN request. In some embodiments, each time a user is asked to input a PIN, presented inputs may be dynamically displayed. In some embodiments, the presentation of inputs following an initial input of a PIN may be system or user defined.

The dynamic display may utilize a randomized presentation of inputs available for selection, or other deviations from the conventional presentation of inputs. Some embodiments may allow a user to define a dynamic display, and in some embodiments the dynamic display may be system defined.

As will be appreciated by one skilled in the art, although systems and methods of receiving a user PIN for conducting an ATM transaction have been illustrated, systems and methods according to the invention may be applicable to other areas and other devices. Some embodiments of the invention may also be applied in any area that requires prompting for receipt of a confidential sequence of inputs, such as pre-paid phone booths, and/or confidential sequences entered to gain access to restricted resources. Certain embodiments of the invention may also be implemented on mobile devices such as mobile phone or personal computers.

Illustrative embodiments of apparatus and methods in accordance with the principles of the invention will now be described with reference to the accompanying drawings, which form a part hereof. It is to be understood that other embodiments may be utilized and structural, functional and procedural modifications may be made without departing from the scope and spirit of the present invention.

As will be appreciated by one of skill in the art, the invention described herein may be embodied in whole or in part as a method, a data processing system, or a computer program product. Accordingly, the invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software, hardware and any other suitable approach or apparatus.

Furthermore, such aspects may take the form of a computer program product stored by one or more computer-readable storage media having computer-readable program code, or instructions, embodied in or on the storage media. Any suitable computer readable storage media may be utilized, including hard disks, CD-ROMs, optical storage devices, magnetic storage devices, and/or any combination thereof. In addition, various signals representing data or events as described herein may be transferred between a source and a destination in the form of electromagnetic waves traveling through signal-conducting media such as metal wires, optical fibers, and/or wireless transmission media (e.g., air and/or space).

Processes in accordance with the principles of the invention may include one or more features of the process illustrated in FIG. 1. For the sake of illustration, the steps of the process illustrated in FIG. 1 will be described as being performed by a “system”. The “system” may include one or more of the features of the apparatus that are shown in FIGS. 2-10 and/or any other suitable device or approach. The “system” may be provided by an entity. The entity may be an individual, an organization or any other suitable entity.

FIG. 1 shows illustrative steps that may be performed by some embodiments of the invention. For the purpose of illustration, the steps will be described as being performed by or on a system in accordance with the principles of the invention.

At step 101, a user or banking customer inserts a bank card into an ATM. Following insertion of the bank card, the user is prompted to enter a confidential access sequence or PIN. At step 102, the inputs presented for user selection are dynamically displayed. The dynamic display may be a randomization of the presented inputs or a non-conventional pattern of presented inputs. At step 103, the user is presented with an option to opt-out of the dynamic display. Some users may be willing to forgo a more secure ATM transaction for the familiarity of a conventional display of inputs available for selection. If a user does opt-out, at step 110, the conventional layout is presented.

At step 104 the user enters a PIN by selecting presented inputs. At step 105, the system verifies that a correct PIN has been received before permitting access to bank account information. If a correct PIN has not been received, at step 109 the system tracks the number of incorrect attempts. If a predefined threshold of incorrect attempts have been made, at step 110 the system presents inputs available for selection in a conventional layout, and at step 104, the user enters a PIN by selecting presented inputs. If the predetermined threshold has not been exceeded, the system presents a dynamic display at step 102.

If a correct PIN has been received by the system, at step 106 the system allows the user to access bank account information and displays inputs available for selection in a conventional layout. At step 107 the user conducts a banking transaction.

One of ordinary skill in the art will appreciate that the steps shown and described herein may be performed in other than the recited order and that one or more steps illustrated may be optional. The methods of the above-referenced embodiments may involve the use of any suitable elements, steps, computer-executable instructions, or computer-readable data structures. In this regard, other embodiments are disclosed herein as well that can be partially or wholly implemented on a computer-readable medium, for example, by storing computer-executable instructions or modules or by utilizing computer-readable data structures.

FIG. 2 illustrates a block diagram of a generic computing device 201 (alternatively referred to herein as a “server”) that may be used according to an illustrative embodiment of the invention. The computer server 201 may have a processor 203 for controlling overall operation of the server and its associated components, including RAM 205, ROM 207, input/output module 209, and memory 215.

I/O module 209 may include a microphone, keypad, touch screen, and/or stylus through which a user of device 201 may provide input, and may also include one or more of a speaker for providing audio output and a video display device for providing textual, audiovisual and/or graphical output. Software may be stored within memory 215 and/or storage to provide instructions to processor 203 for enabling server 201 to perform various functions. For example, memory 215 may store software used by server 201, such as an operating system 217, application programs 219, and an associated database 221. Alternatively, some or all of server 201 computer executable instructions may be embodied in hardware or firmware (not shown). As described in detail below, database 221 may provide centralized storage of dynamic display patterns, shapes or methods.

Server 201 may operate in a networked environment supporting connections to one or more remote computers, such as terminals 241 and 251. Terminals 241 and 251 may be personal computers or servers that include many or all of the elements described above relative to server 201. The network connections depicted in FIG. 2 include a local area network (LAN) 225 and a wide area network (WAN) 229, but may also include other networks. When used in a LAN networking environment, computer 201 is connected to LAN 225 through a network interface or adapter 213. When used in a WAN networking environment, server 201 may include a modem 227 or other means for establishing communications over WAN 229, such as Internet 231. It will be appreciated that the network connections shown are illustrative and other means of establishing a communications link between the computers may be used. The existence of any of various well-known protocols such as TCP/IP, Ethernet, FTP, HTTP and the like is presumed, and the system can be operated in a client-server configuration to permit a user to retrieve web pages from a web-based server. Any of various conventional web browsers can be used to display and manipulate data on web pages.

Additionally, application program 219 used by server 201 according to an illustrative embodiment of the invention may include computer executable instructions for invoking user functionality related to communication, such as email, short message service (“SMS”), and voice input and speech recognition applications.

Computing device 201 and/or terminals 241 or 251 may also be mobile terminals including various other components, such as a battery, speaker, and antennas (not shown).

The invention may be operational with numerous other general purpose or special purpose computing system environments or configurations. Examples of well known computing systems, environments, and/or configurations that may be suitable for use with the invention include, but are not limited to, personal computers, server computers, hand-held or laptop devices, mobile phones and/or other personal digital assistants (“PDAs”), multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and the like. In a distributed computing environment, devices that perform the same or similar function may be viewed as being part of a “module” even if the devices are separate (whether local or remote) from each other.

The invention may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules may include routines, programs, objects, components, data structures, etc., that perform particular tasks or store or process data structures, objects and other data types. The invention may also be practiced in distributed computing environments where tasks are performed by separate (local or remote) processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.

FIG. 3 shows a diagram of a conventional numeric layout 301. The conventional numerical layout contains three rows of three numbers. The number one 303 appears in the top left corner, and the rest of the numbers up to nine follow sequentially. The number zero 305 appears below the three rows of numbers.

FIG. 4 shows an illustrative method of a banking customer 403 utilizing a keypad to select inputs for information entry into an ATM 401. In FIG. 4, the banking customer 403 selects inputs by applying pressure to or achieving contact with a button marked with the desired input. Inputs displayed on a keypad may include numeric inputs 405 and functional inputs 406. Instructions to the banking customer and inputs selected by the banking customer may be displayed on a screen 407.

FIG. 5 shows an illustrative method of a banking customer 503 utilizing a touch screen 505 to select inputs for information entry into an ATM. Inputs displayed may include numeric inputs 509 and/or functional inputs 511. The touch screen 505 may display additional information 512. In FIG. 5, the banking customer 503 selects inputs by touching displayed choices. The touch screen 505 detects the presence and location of a customer's “touch” within the display area. In FIG. 5 the banking customer 503 is shown selecting an input 507 representing the number zero.

FIG. 6 shows an illustrative dynamic display 601 of a randomized presentation of numeric inputs available for a user to select. In FIG. 6 the input representing a number two 603 is displayed in a position that conventionally represents a number one. The input representing a number six 605 is displayed in a position that conventionally represents a number nine.

FIG. 7 shows another illustrative dynamic display 701 of a randomized presentation of inputs available for a user to select. In FIG. 7 the positions of functional and numeric inputs are randomized. An enter function 703 is displayed in a position that conventionally displays a number one 705. A stop function 707 is displayed in a position that conventionally displays a number five 709.

FIG. 8 shows another dynamic display of an illustrative non-conventional pattern presentation of inputs available for a user to select. FIG. 8 shows the numeric inputs displayed in an oval shape 801. Although the sequential order of the numbers displayed has not been changed, the pattern of the presentation alters the appearance of the presented inputs from a conventional layout. Each customer may be presented with a pattern randomly chosen from a set of defined patterns (not shown). Varying the different patterns presented preferably makes mapping hand movements to inputs selected more difficult.

FIG. 9 shows a dynamic display 901 based on shifting off-center with respect to the overall display the position of the displayed inputs. In FIG. 9 the numeric inputs 905 and functional inputs 907 have been shifted toward the top of screen 901. Additional information 903 has been shifted toward the bottom of screen 901. Varying the positions of displayed inputs relative to the center of screen 901 makes it more difficult for a hidden camera to record the hand movements of a customer.

FIG. 10 shows a dynamic key. The key utilizes a transparent surface 1001 and a screen 1005 visible through the transparent surface 1001. The screen 1005 may dynamically present different input choices to different banking customer. In some embodiments offsetting the screen 1005 from the transparent surface 1001 causes the side wall 1003 to form a tunnel that restricts the viewing angle of inputs displayed by screen 1005.

Thus, systems and methods for providing a more secure ATM transaction system have been provided. Persons skilled in the art will appreciate that the present invention can be practiced by other than the described embodiments, which are presented for purposes of illustration rather than of limitation. The present invention is limited only by the claims that follow.

Ghosh, Debashis, Bendel, Timothy J., Newman, Kurt D., Joa, David, Wadia, Rustam N.

Patent Priority Assignee Title
10108963, Apr 10 2012 Ping Identity Corporation System and method for secure transaction process via mobile device
10395230, Jul 09 2018 Capital One Services, LLC Systems and methods for the secure entry and authentication of confidential access codes for access to a user device
10831341, Oct 04 2018 The Toronto-Dominion Bank Automated device for data transfer
10866696, Oct 04 2018 The Toronto-Dominion Bank Automated device for data transfer
10984418, Oct 04 2018 The Toronto-Dominion Bank Automated device for data transfer
10996838, Apr 24 2019 The Toronto-Dominion Bank Automated teller device having accessibility configurations
11069201, Oct 04 2018 The Toronto-Dominion Bank Automated device for exchange of data
11270281, Jul 09 2018 Capital One Services, LLC Systems and methods for the secure entry and authentication of confidential access codes for access to a user device
11295038, Dec 09 2016 BANKS AND ACQUIRERS INTERNATIONAL HOLDING Method for securing data input, communications terminal and corresponding program
11543951, Apr 24 2019 The Toronto-Dominion Bank Automated teller device having accessibility configurations
11544370, Dec 27 2018 Worldpay, LLC Methods and systems for acoustic authentication
11874915, Dec 27 2018 Worldpay, LLC Methods and systems for acoustic authentication
11915241, Jul 09 2018 Capital One Services, LLC Systems and methods for the secure entry and authentication of confidential access codes for access to a user device
9781105, May 04 2015 PING IDENTITY ISRAEL LTD ; Ping Identity Corporation Fallback identity authentication techniques
9830594, May 17 2011 Ping Identity Corporation System and method for performing a secure transaction
9886688, Aug 31 2011 Ping Identity Corporation System and method for secure transaction process via mobile device
Patent Priority Assignee Title
5933515, Jul 25 1996 California Institute of Technology User identification through sequential input of fingerprints
5949348, Aug 17 1992 NCR Corporation Method and apparatus for variable keyboard display
6145053, Dec 03 1998 Western Digital Technologies, INC Data security method using head disk stiction
6229906, Jul 25 1996 California Institute of Technology Biometric sequence codes
6373967, Jul 25 1996 California Institute of Technology Biometric combination lock
6393139, Feb 23 1999 XIRLINK, INC Sequence-encoded multiple biometric template security system
6651168, Jan 29 1999 International Business Machines, Corp.; International Business Machines Corporation Authentication framework for multiple authentication processes and mechanisms
6654484, Oct 28 1999 Secure control data entry system
6944773, May 19 2000 Sony Corporation; Sony Electronics Inc. Method and apparatus for fingerprint authentication during on-line transactions
7270275, Sep 02 2004 CITIBANK, N A Secured pin entry device
7360248, Nov 09 1999 PayPal, Inc Methods and apparatus for verifying the identity of a user requesting access using location information
7362973, Sep 15 1999 International Business Machines Corporation Protecting secret data entry from infrared and audio eavesdropping
7451116, Mar 07 2001 GLAS AMERICAS LLC, AS THE SUCCESSOR AGENT Automated transaction machine digital signature system and method
7477239, Oct 29 2004 Xerox Corporation Reconfigurable lighted keypad
7486810, Apr 24 2008 International Business Machines Corporation On-type biometrics fingerprint soft keyboard
7992007, Feb 05 2002 CARDINAL COMMERCE CORPORATION Dynamic pin pad for credit/debit/ other electronic transactions
20010043726,
20010049785,
20010052541,
20020188872,
20030135764,
20030209599,
20040053692,
20040151353,
20040257238,
20050010649,
20050071637,
20050111709,
20060104486,
20060224523,
20060224645,
20070140530,
20080016276,
20080072331,
20080126260,
20080169944,
20080226146,
20090173781,
20090326732,
20100027045,
20100059587,
20100174653,
20100293605,
20110156865,
CN2694364,
//////////
Executed onAssignorAssigneeConveyanceFrameReelDoc
Dec 27 2010WADIA, RUSTAM N Bank of AmericaASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS 0255990944 pdf
Dec 27 2010WADIA, RUSTAM N Bank of America CorporationSUBMISSION TO CORRECT THE ASSIGNEE NAME ON A COVER SHEET PREVIOUSLY RECORDED ON REEL 025599 FRAME 09440368260604 pdf
Dec 28 2010BENDEL, TIMOTHY J Bank of AmericaASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS 0255990944 pdf
Dec 28 2010BENDEL, TIMOTHY J Bank of America CorporationSUBMISSION TO CORRECT THE ASSIGNEE NAME ON A COVER SHEET PREVIOUSLY RECORDED ON REEL 025599 FRAME 09440368260604 pdf
Jan 03 2011GHOSH, DEBASHISBank of America CorporationSUBMISSION TO CORRECT THE ASSIGNEE NAME ON A COVER SHEET PREVIOUSLY RECORDED ON REEL 025599 FRAME 09440368260604 pdf
Jan 03 2011NEWMAN, KURTBank of AmericaASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS 0255990944 pdf
Jan 03 2011GHOSH, DEBASHISBank of AmericaASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS 0255990944 pdf
Jan 03 2011NEWMAN, KURTBank of America CorporationSUBMISSION TO CORRECT THE ASSIGNEE NAME ON A COVER SHEET PREVIOUSLY RECORDED ON REEL 025599 FRAME 09440368260604 pdf
Jan 04 2011Bank of America Corporation(assignment on the face of the patent)
Oct 07 2015JOA, DAVIDBank of America CorporationASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS 0367620640 pdf
Date Maintenance Fee Events
May 14 2019M1551: Payment of Maintenance Fee, 4th Year, Large Entity.
Apr 20 2023M1552: Payment of Maintenance Fee, 8th Year, Large Entity.


Date Maintenance Schedule
Nov 24 20184 years fee payment window open
May 24 20196 months grace period start (w surcharge)
Nov 24 2019patent expiry (for year 4)
Nov 24 20212 years to revive unintentionally abandoned end. (for year 4)
Nov 24 20228 years fee payment window open
May 24 20236 months grace period start (w surcharge)
Nov 24 2023patent expiry (for year 8)
Nov 24 20252 years to revive unintentionally abandoned end. (for year 8)
Nov 24 202612 years fee payment window open
May 24 20276 months grace period start (w surcharge)
Nov 24 2027patent expiry (for year 12)
Nov 24 20292 years to revive unintentionally abandoned end. (for year 12)